---
# tasklist for setting up the mirrorlist app on the proxies


- name: add mirrormanager user - uid {{ mirrormanager_uid }}
  user: name=mirrormanager uid={{ mirrormanager_uid }} state=present home=/home/mirrormanager createhome=yes
  tags:
  - mirrorlist_proxy

# mirrormanager user ssh key(s)
- name: add authorized_keys for mirrormanager
  authorized_key: key="{{ item }}" user=mirrormanager state=present
  with_file:
  - mm-authorized_key
  tags:
  - mirrorlist_proxy

- name: setup directories
  file: dest="{{item}}" mode=0755 state=directory
  with_items:
  - /srv/mirrorlist
  - /srv/mirrorlist/data
  - /srv/mirrorlist/data/mirrorlist1
  - /srv/mirrorlist/data/mirrorlist2
  - /var/log/mirrormanager
  tags:
  - mirrorlist_proxy

- name: make sure the /usr/share/GeoIP/ directory exists
  file:
    path: /usr/share/GeoIP/
    state: directory
    owner: root
    group: root
    mode: 0755
  tags:
  - mirrorlist_proxy

- name: push over the newer geoip db
  copy: src={{ item }} dest=/usr/share/GeoIP/
  with_fileglob:
   - "{{ bigfiles }}/geoip/*.mmdb"
  tags:
  - mirrorlist_proxy

- name: make sure mirrormanager user can write new protobuf based cache file
  file: dest="{{item}}" owner=mirrormanager group=mirrormanager
  with_items:
  - /srv/mirrorlist/data
  - /srv/mirrorlist/data/mirrorlist1
  - /srv/mirrorlist/data/mirrorlist2
  tags:
  - mirrorlist_proxy

- name: for the rust based mirrorlist server chown directories
  file: dest="{{item}}" owner=mirrormanager group=mirrormanager
  with_items:
  - /var/log/mirrormanager
  tags:
  - mirrorlist_proxy

- name: Ensure log file for content exists
  file: dest="{{item}}" owner=mirrormanager group=mirrormanager mode=0755 state=touch
  with_items:
  - /var/log/mirrormanager/mirrorlist1.service.log
  - /var/log/mirrormanager/mirrorlist2.service.log
  tags:
  - mirrorlist_proxy

- name: for the rust based mirrorlist server chown log files
  file: dest="{{item}}" owner=mirrormanager group=mirrormanager
  with_items:
  - /var/log/mirrormanager/mirrorlist1.service.log
  - /var/log/mirrormanager/mirrorlist2.service.log
  tags:
  - mirrorlist_proxy

- name: set logrotate_read_inside_containers so logrotate works
  seboolean: name=logrotate_read_inside_containers state=yes persistent=yes
  tags:
  - mirrorlist_proxy

- name: setup logrotate log for mirrormanager log files
  copy: src=logrotate-mirrormanager dest=/etc/logrotate.d/mirrormanager
  tags:
  - mirrorlist_proxy

- name: install mirrorlist-server package
  package: name={{ item }} state=present
  with_items:
  - mirrorlist-server
  tags:
  - packages
  - mirrorlist_proxy

# We deploy two service files. Both listen on a different port, so that we can switch
# them out as part of the protobuf cache deployment without having any local downtime.
- name: Deploy service files
  template: src=mirrorlist.service.j2 dest=/etc/systemd/system/mirrorlist{{ item }}.service
  with_items:
  - 1
  - 2
  tags:
  - mirrorlist_proxy
  notify:
  - reload systemd

# enable both of them to run on boot
- name: Enable mirrorlist1
  service: name=mirrorlist1 enabled=yes
  tags:
  - mirrorlist_proxy

- name: Enable mirrorlist2
  service: name=mirrorlist2 enabled=yes
  tags:
  - mirrorlist_proxy

# install our cron script to handle hourly new protbuf cache changes.
- name: install script to restart mirrorlist processes on protobuf cache changes
  copy: src=restart-mirrorlist-processes dest=/usr/local/bin/restart-mirrorlist-processes mode=0755
  tags:
  - mirrorlist_proxy

- name: Setup hourly cron at for mirrorlist restarts
  cron: name="restart-mirrorlist-processes" minute="20" user="root"
        job="/usr/local/bin/restart-mirrorlist-processes"
        cron_file=restart-mirrorlist-processes
  tags:
  - mirrorlist_proxy

- name: Set cron MAILTO for restart-mirrorlist-processes
  cronvar:
    name: MAILTO
    value: "root@fedoraproject.org,adrian@lisas.de"
    cron_file: restart-mirrorlist-processes
  tags:
  - mirrorlist_proxy

# Custom selinux policy to allow logrotate to rotate our mirrorlist logs
- name: ensure a directory exists for our custom selinux module
  file: dest=/usr/local/share/mirrorlist-logrotate state=directory
  tags:
  - selinux
  - mirrorlist_proxy

- name: copy over our custom selinux module
  copy: src=selinux/mirrorlist-logrotate.pp dest=/usr/local/share/mirrorlist-logrotate/mirrorlist-logrotate.pp
  register: selinux_module
  tags:
  - selinux
  - mirrorlist_proxy

- name: install our custom selinux module
  command: semodule -i /usr/local/share/mirrorlist-logrotate/mirrorlist-logrotate.pp
  when: selinux_module is changed
  tags:
  - selinux
  - mirrorlist_proxy

- name: check for mirrorlist files
  stat: path=/srv/mirrorlist/data/mirrorlist1/mirrorlist_cache.proto
  register: mirrorlist_cache_status
  tags:
  - mirrorlist_proxy

- name: Deploy mirrorlist data files (if this is a initial install)
  command: "rsync -az --delete-delay --delay-updates --delete /var/lib/mirrormanager/mirrorlist_cache.proto /usr/share/mirrormanager2/country_continent.csv /var/lib/mirrormanager/global_netblocks.txt /var/lib/mirrormanager/i2_netblocks.txt {{ inventory_hostname }}:/srv/mirrorlist/data/mirrorlist1/"
  become: yes
  become_user: mirrormanager
  delegate_to: "mm-backend01.iad2.fedoraproject.org"
  when: env == "production" and not mirrorlist_cache_status.stat.exists
  tags:
  - mirrorlist_proxy
